Lucene search
K

45 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:31 a.m.7 views

CVE-2023-25022

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Kiboko Labs Watu Quiz plugin = 3.3.8 versions...

5.9CVSS5.6AI score0.00394EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:18 a.m.17 views

CVE-2024-2640

The Watu Quiz WordPress plugin before 3.4.1.2 does not sanitise and escape some of its settings, which could allow users such as authors if they've been authorized by admins to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

6.8CVSS5.8AI score0.00394EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/12/24 1:10 p.m.3 views

CVE-2025-68587 WordPress Watu Quiz plugin <= 3.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Bob Watu Quiz watu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Watu Quiz: from n/a through = 3.4.5...

4.3CVSS6.6AI score0.00189EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/26 6:36 a.m.10 views

CVE-2025-11238

The Watu Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTTP Referer header in versions less than, or equal to, 3.4.4 due to insufficient input sanitization and output escaping when the "Save source URL" option is enabled. This makes it possible for unauthenticated...

7.2CVSS5.4AI score0.00233EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2015-1121

Malware in sbrugna...

9.8CVSS6.9AI score0.00707EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-16656

Malicious code in bioql PyPI...

6.4CVSS8.8AI score0.0048EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-16655

Malicious code in bioql PyPI...

4.3CVSS8.9AI score0.005EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-12485

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.00632EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2023-12486

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.0047EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-29001

Malicious code in bioql PyPI...

5.9CVSS6.2AI score0.00394EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:10 a.m.8 views

CVE-2024-0873

The Watu Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'watu-basic-chart' shortcode in all versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

6.4CVSS5.8AI score0.0048EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:26 a.m.19 views

CVE-2024-0872

The Watu Quiz plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.1 via the watu-userinfo shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to extract sensitive user meta data which ca...

4.3CVSS6.4AI score0.005EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:40 a.m.6 views

CVE-2023-0968

The Watu Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dn’, 'email', 'points', and 'date' parameters in versions up to, and including, 3.3.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

6.1CVSS5.7AI score0.01252EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:40 a.m.10 views

CVE-2023-0429

The Watu Quiz WordPress plugin before 3.3.8.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS3.9AI score0.0047EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:17 a.m.6 views

CVE-2023-30483

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Kiboko Labs Watu Quiz plugin = 3.3.9.2 versions...

7.1CVSS5.8AI score0.00379EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:46 a.m.4 views

CVE-2023-0428

The Watu Quiz WordPress plugin before 3.3.8.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.5CVSS5.6AI score0.00632EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:34 a.m.8 views

CVE-2015-10111

A vulnerability was found in Watu Quiz Plugin up to 2.6.7 on WordPress. It has been rated as critical. This issue affects the function watuexams of the file controllers/exam.php of the component Exam Handler. The manipulation of the argument quiz leads to sql injection. The attack may be initiate...

9.8CVSS7.5AI score0.00707EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/07/12 7:21 a.m.4 views

WordPress Watu Quiz plugin < 3.4.1.2 - Author+ Stored XSS vulnerability

Author+ Stored XSS vulnerability discovered by Eunho Kim in WordPress Plugin Watu Quiz versions 3.4.1.2...

6.8CVSS6.1AI score0.00394EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/12 12:0 a.m.6 views

PT-2024-21374 · WordPress · Watu Quiz

Name of the Vulnerable Software and Affected Versions: Watu Quiz WordPress plugin versions prior to 3.4.1.2 Description: The issue allows users, such as authors authorized by admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, due to the...

6.8CVSS6.2AI score0.00394EPSS
Exploits1References6
NVD
NVD
added 2024/04/09 7:15 p.m.32 views

CVE-2024-0872

The Watu Quiz plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.1 via the watu-userinfo shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to extract sensitive user meta data which ca...

4.3CVSS4.3AI score0.005EPSS
Exploits0References2
Rows per page
Query Builder